Hi all, I try to sync Active Directory groups and Otrs Roles in OTRS 2.4.6. In found this doc http://lists.otrs.org/pipermail/otrs/2009-November/029206.html from the list. But if have some problem to implement it. Before testing, OTRS works fine with AD sync for Agents. I have created 1 AD group called Inscriptions like this cn=Inscriptions,ou=OTRS,ou=Pro,dc=exploitation,dc=local I put the AD account of 1 agent into it (in AD, adlogin). I modified my Config.pm file like this : $Self->{'AuthSyncModule::LDAP::AccessAttr'} = 'member'; # I have test memberOf, MemberOf, memberUid $Self->{'AuthSyncModule::LDAP::UserAttr'} = 'DN'; # AuthSyncModule::LDAP::UserSyncInitialGroups # (sync following group with rw permission after initial create of first agent login) $Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [ 'users', ]; $Self->{'AuthSyncModule::LDAP::UserSyncRolesDefinition'} = { # ldap group 'cn=Inscriptions,ou=OTRS,ou=Pro,dc=exploitation,dc=local' => { # otrs role 'Inscriptions' => 1, } }; In OTRS log if have this: User: adlogin not in GroupDN='cn=Inscriptions,ou=OTRS,ou=Pro,dc=exploitation,dc=local', Filter='(member=CN=My Name,OU=Pro,DC=exploitation,DC=local)'! (REMOTE_ADDR: X.X.X.X). User: 'adlogin' sync ldap groups cn=Inscriptions,ou=OTRS,ou=Pro,dc=exploitation,dc=local to roles! User: 'adlogin' changed password successfully! User: 'adlogin' updated successfully (1)! User: adlogin (CN=My Name,OU=Pro,DC=exploitation,DC=local) authentication ok (REMOTE_ADDR: X.X.X.X). adlogin = my sAMAccountName, member of AD group Inscriptions I think OTRS find the AD group (if I give an unkown name, I have an other error), but can't test if the agent account is member of the group. Anyone have an idea ?? Thanks in advance for your help. OTRS is a great product and I like it ;-) -- Guillaume REHM Centre de Ressources Informatiques Responsable Sécurité du Système d'Information (RSSI) Bibliothèque Nationale et Universitaire de Strasbourg 5 rue du Maréchal Joffre BP 51029 67070 Strasbourg tél: 03 88 25 28 23 fax: 03 88 25 28 03 mail: guillaume.rehm@bnu.fr web: http://www.bnu.fr